
PRR – Privacy Respecting Router a #freedentity idea

In the next few weeks I will outline more parts of something we (a few friends of mine) are calling FreeDentity. That’s why I have added a category and a tag to my posts with the same name. So stay tuned for the philosophy, while in this post I talk about a project idea that actually implements that philosophy.

The PRR – Privacy Respecting Router

The typical internet user in developed countries has a DSL connection with quite some speed (and unused bandwidth). For many people the main communication paths are email, Facebook and Twitter. Domain names are cheap. DynDNS etc. allow you to reach your router at home with a defined hostname.

Current news shows us a future that isn’t that bright. Subpoenas against Twitter users that only see the light due to Twitter’s legal department asking to unseal the sealed (thus secret) subpoena are just the tip of the iceberg.

The only solution is actually quite simple. In order to gain more control over your privacy and data, you should keep it under your control whenever possible. Handing your data to Facebook, Twitter or Gmail, however, is the opposite of that. You hand over your data under typically broad terms of use that give Facebook, Twitter and Google a lot of rights and leave you in the dark about what actually happens with it.

Two things have happened however that might make a change for some of us (hopefully becoming more and more):

Powerful routers that can handle a lot of work, not just forwarding and NATting IP packets.

So let’s combine all of that into one thing. An Open Source firmware for typical routers that offer these functions, thus keeping your data private but still allowing you to share with the world. All of that under an extremely simple User Interface.

A firmware that when doing its first-time config asks you for your domain name, sets up a local mail server for that domain, updates the DNS entries to make sure your mail comes to you.

A firmware that sets up a simple instance of statusnet, with the possibility to sync your dents to twitter.

A firmware that runs a simple instance of diaspora, allowing you to do the facebook dance from your home.

A firmware that hands out WebID so you can use your server from the internet in a secure way, e.g. from your Android phone, netbook etc. when on the road.

A firmware that stores all of your data in a secure way either on flash, USB hard drive or NAS – but local, not in the cloud.

The requirements are thus:

Simple Installation: Ask only what is really needed, do everything with automagic in the background.

Reliability: Run forever, use minimal resources.

Secure: Encrypt whatever goes out and comes in.

Open: Use only open standards, only Free Software. Royalty Free. No calling home. No central registry of users.

Would that be what Moglen talks about when referring to his freedom box? I don’t know. But I do know that my data is too valuable to let out uncontrolled or governed by companies that I cannot trust forever.

9 thoughts on “PRR – Privacy Respecting Router a #freedentity idea”

This is indeed what Eben Moglen has been talking about and it is very worth doing. The FreedomBox project has been pretty quiet lately though, it needs a champion.

I’m not sure I agree that it’s ever going to be realistic to get everyone to buy a new device though, and many of us are constrained by our ISPs in what routers we can use. I think it’s also worth exploring how much of this “independence stack” can be made into a trivially installed application for the Windows or Mac (Linux is already easy) machines people already have. Packaging isn’t sexy work, but it’s absolutely worth doing.

If it were easier to install and run this stuff, a lot of people would. There are obviously some routing and filtering issues to be dealt with (I am working on one possible solution to that, check out PageKite if you haven’t already), but to be honest an embedded solution like you’re proposing would have to deal with those too – lots of ISPs block ports 25 and 80.

The good thing is that my approach would blame those ISPs that filter excessively 😉 But I get the point. And I have thought about that too. Effectively I am proposing to get rid of application specific thinking and treat your data as a single social graph with different attributes. Mail, microblogging, blogging, posting pictures are effectively context driven and not application specific. So by having a simple service that you “throw” your stuff against and let it translate it to whatever standard (oStatus for microblogging, SMTP/IMAP for mail etc.) would allow you to publish and communicate in a far more natural way. Hm. I guess I need to write more about what I have in mind.

The idea is there. The details are flakey though. DynDNS? As if the FBI holds no power over them?
And why require a domain name in the first place? TCP/IP and HTTP don’t /require/ a domain name, all they need is an address, IP, or IPv6 to communicate with. It is what your server does with my laptop the moment I hit “Post Comment” below.
Software does not require a DNS, look at jabber, Skype or torrent. It gets its packages delivered to your laptop, no matter where you open its lid.

The second flaw is that you seek solutions in web-apps. Web applications are precisely that: applications for the web. They are not called “Desktop applications”, because they are not that: applications run from your local

The solution should be sought in two directions. Getting the frigging OSS community in line to agree on /one/ social standard. XMPP (identi.ca, appleseed, jabber), OStatus (identi.ca, partly), Salmon (diaspora), pubsubhubbub (diaspora), simple REST (twitter) and so on. It is an utter mess out there. Not a single solution grows mature, before it is brought down by four opponents trying to do it “better”.
And secondly writing apps that use these protocols to talk to one another, network and create on-desktop access to your social networks’ messages.
This sounds hard, but is not at all. It is exactly what the gazillion-something twitter-apps do. It is what the hundredfourtytwo jabber clients do. And so on. They only need to present their “tweets” or “jabbers” in a slightly different way. Hell, Facebook even talks Jabber, so bam, you have it integrated already.

As always, this is not a technical problem the OSS community needs to overcome (frankly, they are very good at that: overcoming technical problems) but a social one: get together and agree on something (frankly, they are very bad at that, solving social problems by agreeing on one system).

Besides fixing the huge amount of speling errors, there is one more thing I’d like to add.

Diaspora is written in Rails. The moment that became known, about every language announced its own port. Diaspora in PHP appears to be the only one that got about 10% of the featureset as of yet. About every security-aware person stood up and found holes in this software (a small amount are still exploitable). There is a Diaspora-on-PostgreSQL, a DiasporaX (using XMPP/jabber), a Diasphpora and I don’t know what more. But there is no, none at all, consensus on the underlying *philosophy*.

Should it enlighten the world with privacy through an interchangeable, no-feature-loss Facebook takeover?
Should it bring joy to the few who know how to erect resque and redis distributed worker queues on top of mongoDB infrastructures?

Who is this freedentica for? The very few Ubuntu users with Gwibber installed? The larger Ubuntu community who “just want a cheap Word[tm] and access to Gmail and Facebook” or the community of Tor-using tinfoil-hatters?

Who is it for? And how can we reach them? And when should we get them in the loop?